Threat Landscape for Industrial Automation Systems in H1 2018

In this report, Kaspersky Lab ICS CERT publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018. Continue reading Threat Landscape for Industrial Automation Systems in H1 2018

Security assessment of corporate information systems in 2017

Each year, Kaspersky Lab’s Security Services department carries out dozens of cybersecurity assessment projects for companies worldwide. In this publication, we present a general summary and statistics for the cybersecurity assessments we have conducted of corporate information systems throughout 2017. Continue reading Security assessment of corporate information systems in 2017

IT threat evolution Q2 2018

Olympic Destroyer worm, Roaming Mantis mobile banker, Operation Parliament cyber-espionage campaign, SynAck ransomware and other notable targeted attacks and malware campaigns of Q2 2018. Continue reading IT threat evolution Q2 2018

IT threat evolution Q2 2018. Statistics

In Q2 2018, attempted infections by malware designed to steal money via online access to bank accounts were logged on the computers of 215,762 users, ransomware attacks were registered on the computers of 158,921 unique users. Continue reading IT threat evolution Q2 2018. Statistics

Olympic Destroyer is still alive

In May-June 2018 we discovered new spear-phishing documents that closely resembled weaponized documents used by Olympic Destroyer in the past. This and other TTPs led us to believe that we were looking at the same actor again. However, this time the attacker has new targets. Continue reading Olympic Destroyer is still alive

LuckyMouse hits national data center to organize country-level waterholing campaign

In March 2018 we detected an ongoing campaign targeting a national data center in the Central Asia that we believe has been active since autumn 2017. The choice of target made this campaign especially significant – it meant the attackers gained access to a wide range of government resources at one fell swoop. Continue reading LuckyMouse hits national data center to organize country-level waterholing campaign

IT threat evolution Q1 2018

In January, we uncovered a sophisticated mobile implant Skygofree that provides attackers with remote control of infected Android devices. Network worm OlympicDestroyer attacked on the Olympic infrastructure just before the opening of the games in February. Continue reading IT threat evolution Q1 2018